package com.kerrykidz.system.util.security;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

import com.kerrykidz.system.util.sync.OsUtils;
import com.kerrykidz.system.util.sync.OsUtils.BROWSER_TYPE;

/**
 * 
 * @ClassName: SecurityFormAuthenticationFilter
 * @description: SHIRO表单验证拦截器
 * @author: QUINN
 * @date: 2014年6月23日 下午5:09:57
 * @version: V1.0
 * 
 */
public class SecurityFormAuthenticationFilter extends FormAuthenticationFilter {

	private String pcLogin;
	private String padLogin;
	private String pcSuccessLogin;
	private String padSuccessLogin;

	@Override
	protected boolean isAccessAllowed(ServletRequest request,
			ServletResponse response, Object mappedValue) {
		return super.isAccessAllowed(request, response, mappedValue);
	}

	@Override
	protected boolean isLoginRequest(ServletRequest request,
			ServletResponse response) {
		if (pcLogin == null) {
			String loginUrl = super.getLoginUrl();
			String urls[] = loginUrl.split(",");
			pcLogin = urls[0];
			padLogin = urls[1];
		}
		return pathsMatch(pcLogin, request) || pathsMatch(padLogin, request);
	}

	@Override
	protected void saveRequestAndRedirectToLogin(ServletRequest request,
			ServletResponse response) throws IOException {
		saveRequest(request);
		redirectToLogin(request, response);
	}

	@Override
	protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
		BROWSER_TYPE type = OsUtils.getCurrentBrowserType(request);
		if (type == BROWSER_TYPE.PAD)
			WebUtils.issueRedirect(request, response, padLogin);
		else
			WebUtils.issueRedirect(request, response, pcLogin);
	}

	@Override
	protected AuthenticationToken createToken(String username, String password,
			ServletRequest request, ServletResponse response) {
		UsernamePasswordToken token = new UsernamePasswordToken();
		token.setUsername(getUsername(request));
		token.setPassword(getPassword(request).toCharArray());
		token.setHost(getHost(request));
		return token;
	}

	@Override
	protected boolean executeLogin(ServletRequest request,
			ServletResponse response) throws Exception {
		WebUtils.getAndClearSavedRequest(request);
		boolean hasLogin = super.executeLogin(request, response);
		if (hasLogin)
			request.setAttribute("loginStatus", -1);
		return hasLogin;
	}

	@Override
	protected boolean onLoginSuccess(AuthenticationToken token,
			Subject subject, ServletRequest request, ServletResponse response)
			throws Exception {
		issueSuccessRedirect(request, response);
		// we handled the success redirect directly, prevent the chain from
		// continuing:
		return false;
	}

	@Override
	protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
		if (pcSuccessLogin == null) {
			String successUrl = getSuccessUrl();
			String urls[] = successUrl.split(",");
			pcSuccessLogin = urls[0];
			padSuccessLogin = urls[1];
		}
		BROWSER_TYPE type = OsUtils.getCurrentBrowserType(request);
		if (type == BROWSER_TYPE.PAD)
			WebUtils.redirectToSavedRequest(request, response, padSuccessLogin);
		else
			WebUtils.issueRedirect(request, response, pcSuccessLogin);

	}

	@Override
	protected boolean onLoginFailure(AuthenticationToken token,
			AuthenticationException e, ServletRequest request,
			ServletResponse response) {
		return super.onLoginFailure(token, e, request, response);
	}
}
